Mon, Jul
2 New Articles

Organizing for Data Governance

  • Smaller Small Medium Big Bigger
  • Default Helvetica Segoe Georgia Times

Although the CDO role is still evolving, a number of organizational patterns are already beginning to emerge. Companies must recognize these organizational patterns to maximize the likelihood of CDO success. 

This article is excerpted from The Chief Data Officer Handbook for Data Governance.

Agree on the Reporting Relationship for the Chief Data Officer

There is no one single answer to where the CDO should report. This section is based on the reporting patterns that exist today. However, we anticipate that these reporting patterns will become standardized as more companies appoint CDOs. Today’s CDO may report to a number of executives as discussed below.

  • Chief Information Officer - The CDO most commonly reports to the Chief Information Officer (CIO). Because there is no logical “Switzerland” or supposedly unbiased party that has a strong interest in data, the default reporting structure for the CDO is the CIO. This structure also eliminates any potential conflicts between the CDO and the rest of the IT department. However, this structure may reinforce the perception that data is owned by IT and is not a business problem.
  • Chief Operating Officer - An increasing number of companies have the CDO reporting to the Chief Operating Officer (COO). This reporting structure has a few key advantages. First, the COO may be perceived to be the “Switzerland,” or impartial arbiter, of data as an enterprise asset. As a result, marketing, sales, finance, and other functions will be more inclined to accept the role of the CDO. Second, the COO already has a key focus on operational efficiency. This reporting structure reinforces the COO’s key mission by leveraging data to improve operating efficiency. In one instance, a large bank had both the CIO and the CDO as direct reports to the COO.
  • Chief Executive Officer or President -The CDO may also report to the Chief Executive Officer (CEO) or President of the company. This reporting structure works well in information services companies, which aggregate information for sale to customers. It may also work well in situations where there is a heightened level of focus on information as an enterprise asset. The downside is that the CEO or President may not always have the time to devote to the CDO.
  • Chief Risk Officer -The CDO may also report to the Chief Risk Officer (CRO). This reporting structure works very well in industries such as banking and insurance that have a strong risk management focus. However, other functions, such as marketing, sales, product management, and finance, may feel shortchanged.
  • Chief Financial Officer - The CDO may also report to the Chief Financial Officer (CFO). This reporting structure works very well in industries such as manufacturing or in companies that are finance-driven. Other functions, however, such as marketing, sales, product management, and risk management, may feel less connected to the EDM program.
  • Chief Marketing Officer - The CDO may also report to the Chief Marketing Officer (CMO). This reporting structure works very well in companies with a strong focus on customer-oriented marketing and analytics. However, the non-marketing functions may feel less aligned with the CDO in this reporting structure.

Although there is no right or wrong answer, companies must adopt the following criteria when determining the appropriate reporting structure for the CDO:

  • Size of company—The CDO may report to a more senior executive in smaller companies. However, the CDO may report a few levels down from the CEO in very large companies.

  • Executive champion—The CDO should report to the senior executive who champions the use of data as an enterprise asset. This executive may be the CRO, CFO, CMO, or somebody else.

  • Level of business sponsorship—If a company has limited business sponsorship for EDM, it will likely struggle with the CDO In this case, it is advisable to have the CDO report to the CIO on an interim basis. Once the business starts to see value from EDM, the CDO can move into the business.

Determine the Level of Centralization of the Chief Data Office

The organization must also determine the level of centralization of the chief data office. We discuss a number of patterns for the chief data office below:

  • Single, Centralized Chief Data Office - The first pattern is a single, centralized chief data office. This model works well for smaller companies that operate in a single geography and a single product line.
  • Federated Chief Data Office by Geography - Larger organizations may adopt a federated approach by geography. As shown in Figure 3.1, a multinational corporation may adopt a federated model with a global CDO as well as regional CDOs for the Americas, Europe, and Asia Pacific. The regional CDOs report into their respective regions but are dotted line to the global CDO. This approach addresses some of the political realities inherent in the fact that most organizations are not ready to completely centralize their data-related decision-making. The geographically federated model also allows data decisions to be made closer to the revenue-generating regions.

Organizing for Data Governance - Figure 1

Figure 1: Federated chief data office by geography

  • Federated Chief Data Office by Business Unit - Some organizations may also adopt a federated approach by business unit, as shown in Figure 3.2. The business unit CDOs report into their individual business units but are dotted line to the global CDO. This approach allows organizations to have some level of enterprise coordination but also permits data decisions to be close to the revenue-generating business units.
  • Federated Chief Data Office by Geography and Business Unit - Some companies may also adopt a hybrid approach, with a federated model by geography and business unit. As shown in Figure 3.3, a large multinational bank established a global CDO role. The Americas CDO had a dual role as the corporate banking CDO, while the Asia Pacific CDO was also the retail banking CDO. The geography CDOs reported into the regional organizations but were dotted line to the global CDO.

Organizing for Data Governance - Figure 2

Figure 2: Federated chief data office by business unit

Organizing for Data Governance - Figure 3

Figure 3: Federated chief data office by geography and business unit

Other approaches to the chief data office will likely emerge as the CDO role becomes more mainstream. Although there is no right or wrong answer, companies must adopt the following criteria when establishing the level of centralization of the chief data office:

  • Size of company—Smaller companies may adopt a more centralized model.

  • Geographic dispersion—Companies that operate across multiple geographies may adopt a federated

  • Product lines—Companies with multiple product lines or business units may adopt a federated model, while those with single or homogeneous product lines may adopt a centralized

  • Organizational dynamics—Companies with very strong department heads may adopt a federated approach. Others that have a culture of cross-department collaboration are more likely to succeed with a centralized approach.

Define the Overall Scope of the Chief Data Office

The organization must define the overall scope of the chief data office. As shown in Figure 3.4, data governance is a foundational program that ties together the other EDM disciplines.

Organizing for Data Governance - Figure 4

Figure 4: Scope of the chief data office in terms of EDM disciplines

We discuss each EDM discipline below:

  • Data governance—The formulation of policy to optimize, secure, and leverage information as an enterprise asset by aligning the objectives of multiple functions
  • Data ownership—The process of identifying individuals who will be accountable for the trustworthiness and supporting security and privacy of data within their purview
  • Data architecture—A discipline that sets data standards for data systems as a vision or a model of the eventual interactions between those data systems1
  • Data modeling—The process of establishing data models, which use a set of symbols and text to precisely explain a subset of real information to improve communication within the organization and thereby lead to a more flexible and stable application environment2
  • Data integration—A process that involves combining data from multiple sources to provide new insights to business users
  • Database management and operations—The process of managing data repositories
  • Data security and privacy—The process of avoiding unauthorized access to data
  • Master data management—The process of establishing a single version of the truth for an organization’s critical data entities, such as customers, products, materials, vendors, and chart of accounts
  • Reference data management—The process of managing static data such as country codes, state or province codes, and industry classification codes, which may be placed in lookup tables for reference by other applications across the enterprise
  • Data warehousing—The process of creating a centralized repository of data for reporting and analysis
  • Critical data elements—Attributes that have a significant impact on regulatory reporting, operational performance, and business intelligence
  • Metadata management—The management of information that describes the characteristics of any data artifact, such as its name, location, criticality, quality, business rules, and relationships to other data artifacts
  • Data quality management—A discipline that includes methods to measure and improve the quality and integrity of an organization’s data
  • Information lifecycle management—The process and methodology of managing information through its lifecycle, from creation through disposal, including compliance with legal, regulatory, and privacy requirements
  • Content management—The process of digitizing, collecting, and classifying paper and electronic documents

Companies must engage key stakeholders to scope out the CDO role. Based on current trends in the industry, there are a number of patterns for the scope of the chief data office:

  • Data governance focus - In this pattern, the CDO owns data governance as well as a limited set of functions, such as data quality and metadata. Other functions, such as data warehousing, master data management, reference data management, content management, data architecture, and data modeling, report to the CIO. In essence, the CDO establishes data policies and standards around EDM but outsources the technology aspects to the CIO.
  • Data governance plus some operational and analytical systems - In this pattern, the CDO owns data governance, data quality, and metadata as well as other functions such as master data management, reference data management, and data warehousing. However, the CIO still retains control over the other functions.
  • Broad EDM scope - In this pattern, the CDO owns most EDM functions, with the exception of some departments such as database management, which may continue to report to the CIO. The reporting structure for data architecture and data modeling is typically highly sensitive because it may involve breaking apart the enterprise architecture department.

As with any organization, discussions about reporting structures are fraught with political debate. The CDO must tread lightly because some or all of these functions would originally have resided within IT for decades before moving into the chief data office. There is no right or wrong answer. However, companies need to adopt the following criteria when defining the scope of the chief data office:

  • How much autonomy do we want to afford the CDO?
  • What role do we want the CIO to play with respect to EDM?
  • How will the CIO feel if the scope of IT is significantly reduced?
  • How important is it to have certain functions reporting to the CDO?
  • Can certain functions remain in IT with a dotted line to the CDO?
  • Can we attract the right CDO candidate with a reduced scope?

Establish Overall Funding and Decision-Making Authority

In the words of one CDO, “A CDO without the appropriate funding and decision-making authority risks becoming the officer of data pontification.” This comment is somewhat flippant, but it underscores the fact that the CDO role is evolving. The following is a list of questions that every CDO must ask as he or she goes about the business:

  • Will I have a team with the appropriate size and funding to drive the overall EDM initiative?
  • What is the engagement model with IT and enterprise architecture in acquiring software tools?
    • Who defines the required functionality for software tools?
    • Who interfaces with software vendors?
    • Who gets to make the final decision?
  • Can my team select and purchase software tools on their own? Will IT select and purchase software tools based on input from the chief data office?
  • Will I have the budget to acquire software tools?
  • Can I introduce data-related tollgates within the systems development lifecycle (SDLC)? Can I delay a project because data quality and metadata issues have not been appropriately addressed?
  • Can I establish data policies, standards, and processes? Will these have any “teeth”?
  • How can I work with internal audit to enforce compliance with data policies, standards, and processes?
  • What is my role with regard to regulators? For example, several financial institutions leverage the chief data office to demonstrate compliance with data-related regulatory requirements or to close out audit findings relating to data.

Because the CDO role is still evolving, the CDO must clarify and define his or her responsibilities and organizational boundaries when first appointed.

Enlist the Chief Information Officer as a Strong Partner

CIO-level support is critical whether the CDO reports into IT or the business. Some organizations have an EDM department that reports two or more levels down from the CIO. In these situations, the CIO may not have the appropriate visibility into this department. As a result, the effectiveness of the department may suffer due to lack of funding and sponsorship.

CIO support is even more important if the chief data office reports into the business. In this case, functions such as data architecture and data modeling may have moved from IT into the CDO. If not handled properly, this transition has the potential to create friction between the CIO and the CDO. It is imperative that the CDO engage the CIO as a key partner and stakeholder in the success of the EDM initiative.

Appoint a Data Governance Lead

The CDO must appoint a data governance lead who will have day-to-day responsibility for the program. The responsibilities of the data governance lead include the following:

  • Lead the data governance program office with broad oversight over the data governance program.
  • Drive the documentation, approval, and operationalization of data policies, standards, and processes.
  • Facilitate ongoing communication to executive stakeholders across the company.
  • Manage alignment with data owners across the
  • Oversee the activities of the business data
  • Support data quality efforts, including the definition of business
  • Drive the metadata initiative, including the establishment of a business glossary.
  • Facilitate the implementation of a master data
  • Drive the reference data program.
  • Work with the technology team to select and implement data governance
  • Develop a data governance dashboard to monitor adherence to data policies, standards, and processes.
  • Work with internal audit to enforce compliance with data policies, standards, and processes.

Establish a Data Governance Program Office

The CDO must also fund a data governance program office that will drive the program on a daily basis. The program office may consist of a small team of business analysts who implement the data governance program. In some instances, the data governance program office may also consist of a dedicated team that conducts data audits to enforce compliance with data policies, standards, and processes. We discuss this topic in detail in Chapter 6 on enforcing data governance.


In this chapter, we reviewed the key organizational prerequisites of CDO success. Decisions must be made regarding the reporting relationship of the CDO, the level of centralization, and the scope of the chief data office. The CDO must have the right level of funding and decision-making authority. The CDO must enlist the CIO as a key partner. Finally, the CDO must identify the right data governance lead and establish a data governance program office.


1 http://en.wikipedia.org/wiki/Data_architecture

2 Data Modeling Made Simple, 2nd Edition (Steve Hoberman, Technics Publications, LLC, 2009).



Sunil Soares

Sunil Soares is the founder and managing partner of Information Asset, LLC, a consulting firm that specializes in data governance. Prior to this role, Sunil was director of information governance at IBM, where he worked with clients across six continents and multiple industries. Before joining IBM, Sunil consulted with major financial institutions at the Financial Services Strategy Consulting Practice of Booz Allen & Hamilton in New York. Sunil lives in New Jersey and holds an MBA in finance and marketing from the University of Chicago Booth School of Business.

MC Press books written by Sunil Soares available now on the MC Press Bookstore.

Big Data Governance Big Data Governance
Discover not only the “why” but the “how” of governing big data.
List Price $59.95

Now On Sale

Data Governance Tools Data Governance Tools
See why tools are a critical component of a data governance program, and learn how to evaluate them.
List Price $59.95

Now On Sale

IBM InfoSphere: A Platform for Big Data Governance and Process Data Governance IBM InfoSphere: A Platform for Big Data Governance and Process Data Governance
Get to know the big data support across the IBM InfoSphere portfolio.
List Price $16.95

Now On Sale

Selling Information Governance to the Business Selling Information Governance to the Business
Learn best practices for implementing an information governance program across a variety of specific industries.
List Price $49.95

Now On Sale

The Chief Data Officer Handbook for Data Governance The Chief Data Officer Handbook for Data Governance
Implement a program that will manage data as an asset while delivering the trusted data your business initiatives require.
List Price $16.95

Now On Sale

The IBM Data Governance Unified Process The IBM Data Governance Unified Process
Learn the 14 steps to implementing data governance based on IBM products, services, and best practices.
List Price $24.95

Now On Sale



Support MC Press Online


Book Reviews

Resource Center

  • SB Profound WC 5536 Have you been wondering about Node.js? Our free Node.js Webinar Series takes you from total beginner to creating a fully-functional IBM i Node.js business application. You can find Part 1 here. In Part 2 of our free Node.js Webinar Series, Brian May teaches you the different tooling options available for writing code, debugging, and using Git for version control. Brian will briefly discuss the different tools available, and demonstrate his preferred setup for Node development on IBM i or any platform. Attend this webinar to learn:

  • SB Profound WP 5539More than ever, there is a demand for IT to deliver innovation. Your IBM i has been an essential part of your business operations for years. However, your organization may struggle to maintain the current system and implement new projects. The thousands of customers we've worked with and surveyed state that expectations regarding the digital footprint and vision of the company are not aligned with the current IT environment.

  • SB HelpSystems ROBOT Generic IBM announced the E1080 servers using the latest Power10 processor in September 2021. The most powerful processor from IBM to date, Power10 is designed to handle the demands of doing business in today’s high-tech atmosphere, including running cloud applications, supporting big data, and managing AI workloads. But what does Power10 mean for your data center? In this recorded webinar, IBMers Dan Sundt and Dylan Boday join IBM Power Champion Tom Huntington for a discussion on why Power10 technology is the right strategic investment if you run IBM i, AIX, or Linux. In this action-packed hour, Tom will share trends from the IBM i and AIX user communities while Dan and Dylan dive into the tech specs for key hardware, including:

  • Magic MarkTRY the one package that solves all your document design and printing challenges on all your platforms. Produce bar code labels, electronic forms, ad hoc reports, and RFID tags – without programming! MarkMagic is the only document design and print solution that combines report writing, WYSIWYG label and forms design, and conditional printing in one integrated product. Make sure your data survives when catastrophe hits. Request your trial now!  Request Now.

  • SB HelpSystems ROBOT GenericForms of ransomware has been around for over 30 years, and with more and more organizations suffering attacks each year, it continues to endure. What has made ransomware such a durable threat and what is the best way to combat it? In order to prevent ransomware, organizations must first understand how it works.

  • SB HelpSystems ROBOT GenericIT security is a top priority for businesses around the world, but most IBM i pros don’t know where to begin—and most cybersecurity experts don’t know IBM i. In this session, Robin Tatam explores the business impact of lax IBM i security, the top vulnerabilities putting IBM i at risk, and the steps you can take to protect your organization. If you’re looking to avoid unexpected downtime or corrupted data, you don’t want to miss this session.

  • SB HelpSystems ROBOT GenericCan you trust all of your users all of the time? A typical end user receives 16 malicious emails each month, but only 17 percent of these phishing campaigns are reported to IT. Once an attack is underway, most organizations won’t discover the breach until six months later. A staggering amount of damage can occur in that time. Despite these risks, 93 percent of organizations are leaving their IBM i systems vulnerable to cybercrime. In this on-demand webinar, IBM i security experts Robin Tatam and Sandi Moore will reveal:

  • FORTRA Disaster protection is vital to every business. Yet, it often consists of patched together procedures that are prone to error. From automatic backups to data encryption to media management, Robot automates the routine (yet often complex) tasks of iSeries backup and recovery, saving you time and money and making the process safer and more reliable. Automate your backups with the Robot Backup and Recovery Solution. Key features include:

  • FORTRAManaging messages on your IBM i can be more than a full-time job if you have to do it manually. Messages need a response and resources must be monitored—often over multiple systems and across platforms. How can you be sure you won’t miss important system events? Automate your message center with the Robot Message Management Solution. Key features include:

  • FORTRAThe thought of printing, distributing, and storing iSeries reports manually may reduce you to tears. Paper and labor costs associated with report generation can spiral out of control. Mountains of paper threaten to swamp your files. Robot automates report bursting, distribution, bundling, and archiving, and offers secure, selective online report viewing. Manage your reports with the Robot Report Management Solution. Key features include:

  • FORTRAFor over 30 years, Robot has been a leader in systems management for IBM i. With batch job creation and scheduling at its core, the Robot Job Scheduling Solution reduces the opportunity for human error and helps you maintain service levels, automating even the biggest, most complex runbooks. Manage your job schedule with the Robot Job Scheduling Solution. Key features include:

  • LANSA Business users want new applications now. Market and regulatory pressures require faster application updates and delivery into production. Your IBM i developers may be approaching retirement, and you see no sure way to fill their positions with experienced developers. In addition, you may be caught between maintaining your existing applications and the uncertainty of moving to something new.

  • LANSAWhen it comes to creating your business applications, there are hundreds of coding platforms and programming languages to choose from. These options range from very complex traditional programming languages to Low-Code platforms where sometimes no traditional coding experience is needed. Download our whitepaper, The Power of Writing Code in a Low-Code Solution, and:

  • LANSASupply Chain is becoming increasingly complex and unpredictable. From raw materials for manufacturing to food supply chains, the journey from source to production to delivery to consumers is marred with inefficiencies, manual processes, shortages, recalls, counterfeits, and scandals. In this webinar, we discuss how:

  • The MC Resource Centers bring you the widest selection of white papers, trial software, and on-demand webcasts for you to choose from. >> Review the list of White Papers, Trial Software or On-Demand Webcast at the MC Press Resource Center. >> Add the items to yru Cart and complet he checkout process and submit

  • Profound Logic Have you been wondering about Node.js? Our free Node.js Webinar Series takes you from total beginner to creating a fully-functional IBM i Node.js business application.

  • SB Profound WC 5536Join us for this hour-long webcast that will explore:

  • Fortra IT managers hoping to find new IBM i talent are discovering that the pool of experienced RPG programmers and operators or administrators with intimate knowledge of the operating system and the applications that run on it is small. This begs the question: How will you manage the platform that supports such a big part of your business? This guide offers strategies and software suggestions to help you plan IT staffing and resources and smooth the transition after your AS/400 talent retires. Read on to learn: